Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

 Bloomberg reports that Chevron Corp. suspended export obligations on some Nigerian crude production following a pipeline breach at the Escravos oilfield. (See item 1)

1. November 19, Bloomberg – (International) Chevron says Nigeria oil link breach may halt exports. Chevron Corp., the second-largest U.S. oil company, suspended export obligations on some Nigerian production following a pipeline breach at the Escravos oilfield. The force majeure clause, invoked Tuesday after the loss of 90,000 barrels a day last week, will last until December 31, a company spokesman said in an e-mailed statement. “Necessary efforts are ongoing with all relevant stakeholders to evaluate the impact, repair the pipeline and restore production,” the statement said. The pipeline is a joint venture between Chevron and the Nigerian National Petroleum Corp., in which Chevron holds a 40 percent stake. That means its share of the affected output amounts to 36,000 barrels a day, according to the statement. The country’s crude industry has suffered this year from militant attacks and oil theft. Source:

 According to the Seattle Post-Intelligencer, the Bremerton ferry dock in Washington was shut down Tuesday afternoon after a ferry to Seattle received a bomb threat. (See item 14)

14. November 18, Seattle Post-Intelligencer – (Washington) Bomb threat closes Bremerton ferry dock. The Bremerton ferry dock was shut down Tuesday afternoon after a ferry to Seattle received a bomb threat. The crew of the ferry Hyak, which can hold 2,500 passengers and 144 vehicles, received a bomb threats within minutes of sailing for Seattle, said the Coast Guard. The ferry went back to Bremerton and all the passengers disembarked safety. The Coast Guard launched three 25-foot boats from Seattle to provide a safety zone around the dock. Washington State police and the Coast Guard are investigating. Source: http://seattlepi.nwsource.com/transportation/388343_ferry19.html

Details

Banking and Finance Sector

9. November 19, EmpireStateNews.Net – (New York) Natural gas trader pleads guilty to violating state banking law. The Manhattan District Attorney announced Tuesday that a former Bank of Montreal (BMO) natural gas trader has pled guilty to intentionally mismarking his trading book, resulting in one of the largest fraud-related trading losses of over $800 million from a trading desk in Manhattan. A 37-year-old, pled guilty to falsifying BMO’s trading records, a violation of New York State’s Banking Law. In pleading guilty, the defendant admitted that from May 2003 until April 2007, he intentionally falsified BMO’s records relating to the valuation of natural gas derivative contracts. The plea is part of a joint investigation with the United States Attorney’s Office for the Southern District of New York and the New York Office of the Federal Bureau of Investigation into natural gas trading losses at the Manhattan branch of BMO. As part of the joint investigation, the defendant also pled guilty in United States District Court for the Southern District of New York to conspiracy, wire fraud, making false bank entries, and obstructing a federal regulatory investigation. The United States Attorney’s Office also announced the indictment and arrest of a former broker and CEO of Optionable Inc., an energy derivatives brokerage firm in Westchester County, New York. Source: http://www.empirestatenews.net/News/20081119-6.html

10. November 19, SPAMfighter – (National) E-mail scams likely to rise this year, says IRS. The Internet Revenue Service (IRS) has released a warning that e-mail scams are expected to increase this year because of the economic stimulus package. An IRS Spokesperson said that a new wave of e-mail scams has been noticed that informs recipients about an economic stimulus package or a specific tax refund based on their eligibility, as reported by Daily News Tribune on October 31, 2008. The e-mail also includes the IRS address and encourages recipients to follow the link provided in it for getting the money. The links take users to a page where recipients’ personal information is sought, including credit card number and bank account details. Further, some customers of tax service providers got the e-mails pretending to have come from the IRS. These e-mails attract recipients by saying that they are entitled to get $600 as a part of the economic stimulus package, but the link given in them takes recipients to a fake Web page where information like account details and a social security number are asked to transfer the refund. Though the site does not look like the IRS Website, these e-mails come from IRS reply-at e-mail, so they look legitimate. Source: http://www.spamfighter.com/News-11303-E-mail-Scams-Likely-to-Rise-This-Year-Says-IRS.htm

11. November 18, Associated Press – (Hawaii) FBI probes foreclosure scam targeting Hawaiians. The FBI is investigating several companies that allegedly bilked Native Hawaiian homeowners out of more than $300,000 by offering bogus foreclosure rescue bonds. The homeowners were charged between $2,500 and $10,000 to attend seminars

or counseling sessions on avoiding foreclosure. They were told they would receive bonds worth $1 million that could be used to pay off the outstanding balance of the mortgage. Officials said the bonds were bogus and no mortgages were paid off. “These scams have cost homeowners and lending institutions hundreds of thousands of dollars and have led to foreclosure proceedings affecting many families in Hawaii,” said an FBI Special Agent. Several of the companies pushing the bogus bonds claimed to be affiliated with Native Hawaiian sovereignty movements. Source: http://www.google.com/hostednews/ap/article/ALeqM5jFfM0rqfXARoRCnjBOUOP4nmILMwD94H2V900

12. November 17, Hindustan Times and McClatchy-Tribune Information Services – (Virginia) Bollywood investor admits to $33 million fraud in United States. A high-profile Indian-American businessman has pleaded guilty to mortgage fraud amounting to $33 million. The 47-year-old owns a company called Financial Mortgage Inc. in Fairfax County, Virginia. The Washington Post described it as the largest mortgage fraud case in Virginia in almost 20 years and among the largest in the country. The paper quoted prosecutors as saying he created bogus mortgage loans and sold legitimate loans to more than one buyer. He faces up to 20 years in prison. Source: http://www.tradingmarkets.com/.site/news/Stock%20News/2029651/

Information Technology

32. November 18, Web User – (International) Hotmail account scam warning. An email that claims to be from the Hotmail Customer Care team is actually a phishing scam, security experts have warned. The email, which asks recipients to verify the details of their Hotmail account to avoid having it shut down, says that a person’s account will be closed within 24 hours if they do not reply. The English in the email is not especially good, which should make it easier to identify as a scam. “We are having congestions due to the anonymous registration of Hotmail accounts so we are shutting down some Hotmail accounts and yours was among those to be deleted,” the phony email reads. “We are sending you this email to so [sic] that you can verify and let us know if you still want to use this account,” the message continues. It also asks recipients for their username, password, and date of birth. An employee of FaceTime Security said that this scam had been seen before. Source: http://www.webuser.co.uk/news/news.php?id=272371

33. November 17, CNET News – (National) District court halts keylogger spyware sales. A U.S. District Court has temporarily halted the sale of RemoteSpy keylogger spyware at the request of the Federal Trade Commission (FTC), which claims the software violates an FTC Act. The FTC filed a complaint against Florida-based CyberSpy Software on November 5, alleging the company has violated the FTC Act by selling software that can be deployed remotely by someone other than the owner or authorized user of a computer, can be installed without the owner’s knowledge, and can be used to surreptitiously collect and disclose personal information. The FTC also claims CyberSpy unfairly collected and stored personal information gathered with RemoteSpy. The court, in its temporary restraining order filed November 6 against CyberSpy, said there is a “substantial likelihood” that the FTC will be able to prove the spyware maker violated the FTC Act. Source: http://news.cnet.com/8301-13578_3-10099123-38.html?tag=mncol;title

Communications Sector

34. November 19, United Press International – (International) Canadian cops warned of cell phone jammers. Police forces across Canada have been warned to watch for an influx of illegal cell phone jamming devices being sold in the United States. In Ottawa, the Royal Canadian Mounted Police issued a nationwide description of the devices for forces and warned they can pose a serious threat to emergency workers’ safety by affecting their two-way radios, the Ottawa Sun reported. Hand-held jammers are easily purchased online from U.S. sites for as little as $200, with sellers pitching to people in theaters, restaurants, or on public transit who are tired of hearing other people chatting, the report said. The devices emit a strong signal that spans cell phone frequencies and cuts off ties to communication towers. While they are used by police and the military, they are illegal in both the United States and Canada. Source: http://www.upi.com/Top_News/2008/11/19/Canadian_cops_warned_of_cell_phone_jammers/UPI-81871227098884/

35. November 18, Dark Reading – (International) Researcher pokes holes in Bluetooth security improvements. A researcher has revealed glaring security flaws in the newest version of the wireless protocol that let an attacker stage simple man-in-the-middle hacks. Bluetooth Version 2.1, which is gradually becoming available in Bluetooth-enabled devices, in some cases is less secure than the previous version, 2.0, said a chief cryptographer for Aladdin Knowledge Systems and assistant professor at Bar-Ilan University in Israel, at the CSI 2008 Security Reconsidered conference. The chief cryptographer says the password protocol is not secure and can be easily manipulated by an attacker. Key Bluetooth headsets and keyboards are also left unprotected under this new protocol version, which was built to use less power and to lock down Bluetooth devices from man-in-the middle and other attacks. Source: http://www.darkreading.com/security/attacks/showArticle.jhtml;jsessionid=LGX40X10H32HCQSNDLPSKHSCJUNN2JVN?articleID=212100566

36. November 18, Government Technology – (National) Justice Department issues report on telecommunications. The Department of Justice issued a report Tuesday on competitive developments in the telecommunications industry. The report, entitled “Voice, Video and Broadband: The Changing Competitive Landscape and Its Impact on Consumers,” addresses a number of issues that may affect consumers of telecommunications services and antitrust analysis in this industry, including the development of new facilities-based competition, wireless technologies as alternatives to wireline networks, price and non-price consumer benefits from competition, the significance of bundled products, and obstacles to competitive entry. The focus of the report is on telecommunications services provided to residential consumers, rather than business users. Source: http://www.govtech.com/gt/articles/562035

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"